From e2019aa7a8e18549df359bac39b325a86f448ccc Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sun, 6 Jul 2014 17:37:10 -0400
Subject: propellor spin
---
 src/Propellor/CmdLine.hs | 10 ++++++----
 src/Propellor/PrivData.hs | 12 ++++++++++--
 2 files changed, 16 insertions(+), 6 deletions(-)
(limited to 'src')
diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs
index 5e20427e..448e70d2 100644
--- a/src/Propellor/CmdLine.hs
+++ b/src/Propellor/CmdLine.hs
@@ -84,7 +84,7 @@ defaultMain hostlist = do
 go _ (Docker hn) = Docker.chain hn
 go True cmdline@(Spin _) = buildFirst cmdline $ go False cmdline
 go True cmdline = updateFirst cmdline $ go False cmdline
- go False (Spin hn) = withhost hn $ const $ spin hn
+ go False (Spin hn) = withhost hn $ spin hn
 go False (Run hn) = ifM ((==) 0 <$> getRealUserID)
 ( onlyProcess $ withhost hn mainProperties
 , go True (Spin hn)
@@ -176,14 +176,16 @@ updateFirst cmdline next = do
 getCurrentGitSha1 :: String -> IO String
 getCurrentGitSha1 branchref = readProcess "git" ["show-ref", "--hash", branchref]
-spin :: HostName -> IO ()
-spin hn = do
+spin :: HostName -> Host -> IO ()
+spin hn hst = do
 url <- getUrl
 void $ gitCommit [Param "--allow-empty", Param "-a", Param "-m", Param "propellor spin"]
 void $ boolSystem "git" [Param "push"]
 cacheparams <- toCommand <$> sshCachingParams hn
- go cacheparams url =<< gpgDecrypt privDataFile
+ go cacheparams url =<< hostprivdata
 where
+ hostprivdata = show . filterPrivData hst <$> decryptPrivData
+
 go cacheparams url privdata = withBothHandles createProcessSuccess (proc "ssh" $ cacheparams ++ [user, bootstrapcmd]) $ \(toh, fromh) -> do
 let finish = do
 senddata toh "privdata" privDataMarker privdata
diff --git a/src/Propellor/PrivData.hs b/src/Propellor/PrivData.hs
index 0194c969..e9e7e47f 100644
--- a/src/Propellor/PrivData.hs
+++ b/src/Propellor/PrivData.hs
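Review bot: In `spin` (second hunk of src/Propellor/CmdLine.hs), `hostprivdata` now goes through `decryptPrivData`, which the PrivData.hs part of this patch shows as `fromMaybe M.empty . readish <$> gpgDecrypt privDataFile`, so a decrypted file that fails to parse becomes an empty map and the host is sent an empty privdata set with no error. The removed line passed the decrypted text through unchanged, so this silent fallback is new on the spin path. Failing the spin seems safer than deploying a host without its secrets, with something like `hostprivdata = maybe (error "cannot parse privdata file") (show . filterPrivData hst) . readish <$> gpgDecrypt privDataFile`. The body of `go` continues outside the hunk, so how the receiving side treats an empty map is not visible here.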
@@ -29,6 +29,8 @@ import Utility.FileMode
 import Utility.Env
 import Utility.Table
+type PrivMap = M.Map (PrivDataField, Context) PrivData
+
 -- | Allows a Property to access the value of a specific PrivDataField,
 -- for use in a specific Context.
 --
@@ -68,7 +70,13 @@ getLocalPrivData field context =
 where
 localcache = catchDefaultIO Nothing $ readish <$> readFile privDataLocal
-getPrivData :: PrivDataField -> Context -> (M.Map (PrivDataField, Context) PrivData) -> Maybe PrivData
+{- Get only the set of PrivData that the Host's Info says it uses. -}
+filterPrivData :: Host -> PrivMap -> PrivMap
+filterPrivData host = M.filterWithKey (\k _v -> S.member k used)
+ where
+ used = _privDataFields $ hostInfo host
+
+getPrivData :: PrivDataField -> Context -> PrivMap -> Maybe PrivData
 getPrivData field context = M.lookup (field, context)
 setPrivData :: PrivDataField -> Context -> IO ()
@@ -124,7 +132,7 @@ setPrivDataTo field context value = do
 | end s == "\n" = chomp (beginning s)
 | otherwise = s
-decryptPrivData :: IO (M.Map (PrivDataField, Context) PrivData)
+decryptPrivData :: IO PrivMap
 decryptPrivData = fromMaybe M.empty . readish <$> gpgDecrypt privDataFile
 makePrivDataDir :: IO ()
-- cgit v1.2.3
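Review bot: `filterPrivData` (second hunk of src/Propellor/PrivData.hs) is what limits which secrets are sent to a given host, but its `{- ... -}` comment does not say so and, unlike the `-- |` comment earlier in this file, will not appear in Haddock. I would document it as `-- | Restricts a PrivMap to the (field, context) pairs listed in the Host's Info, so a host is only sent the secrets it declares.` The comment should also state the consequence: the key must match on both field and context, so a property that reads privdata without registering the pair in `_privDataFields` will find nothing on the remote host after this change. `S.member` presumably relies on a qualified `Data.Set` import that lies outside the hunk.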